0

Today, we're using the following setup :

 OS    uses   technology  
Windows  ->      GCPW
Mac      ->      LDAP
Android  ->   Workspace

Let's take Windows as an example. A user can login into Windows using GCPW by entering his google account info. I want to prevent any login into his gmail account using a browser or any other application that isn't using GCPW.

This is a BYOD environment.

Any ideas on how can I achieve this?

I found out that we could add custom settings to our GCPW, is it possible to use these settings to prevent access to gmail from outside of the scope of GCPW ?

Alex E.
  • 103
  • 4
  • Just to be sure I understand your question: What you want to achive is that nobody can access GMail accounts bypassing GCPW? – TorstenS Sep 15 '21 at 14:21
  • @TorstenS google account should only be access when the user is in a GCPW environment. If he tries to login to google using his browser from another windows device, it should prevent him of doing so by telling him he should connect to a GCPW first. So, yes, nobody can access GMail accounts outside of the GCPW scope. Do you have an idea on how to do that? – Alex E. Sep 15 '21 at 14:22

1 Answers1

1

You may need to think this the other way round: You want to limit the devices and mayby networks from which users are allowed to login to your corporate GSuite accounts. This is nothing you can achieve inside GCPW because if someone is using his / her personal device on a public network to approach Google and try to sign in, there is no GCPW in the picture at all.

Instead, you may want to familliarize yourself with the section Control access to apps based on user and device context -> Context-Aware Access which you will find at https://support.google.com/.

TorstenS
  • 200
  • 6
  • Hi. I figured it out, yes, that I needed to use the `Context-Aware Access` and that it might be the only thing possible for me to use. Thank you for pointing that out as well, I hope your answer helps other people looking for ideas :) Cheers and thank you for your time! – Alex E. Sep 17 '21 at 10:51